Some schools in Singapore were also affected, including the Singapore College of Insurance and the Institute of Singapore Chartered Accountants.

NUS said the stolen data included names, email addresses, and student numbers.

The university said no other sensitive information was stolen.

NUS told students and staff to change their passwords and limited access to Canvas from May 11 to 14.

The attack happened on May 7, and it was the second time Instructure was breached in a week.

Instructure said the second breach used its Free-For-Teacher program, which is now closed.

Other universities like MIT, Oxford, and Cambridge were also affected.

ShinyHunters threatened to release the stolen data unless schools negotiated with them.

The group gave schools until May 12 to contact them and negotiate a settlement.

Instructure said the breach only included some user information, like names and email addresses.

The Cyber Security Agency of Singapore is monitoring the situation and helping affected schools.

ISCA said only names and email addresses were stolen, and its core systems were not affected.

The Singapore College of Insurance said its systems were not affected, but it is still taking the matter seriously.

ShinyHunters is a group that attacks companies and schools for money, and it has been linked to other big attacks.